github.com/prebid/prebid-server/v2@v2.18.0/gdpr/aggregated_config.go (about)

     1  package gdpr
     2  
     3  import (
     4  	"github.com/prebid/go-gdpr/consentconstants"
     5  
     6  	"github.com/prebid/prebid-server/v2/config"
     7  	"github.com/prebid/prebid-server/v2/openrtb_ext"
     8  )
     9  
    10  // TCF2ConfigReader is an interface to access TCF2 configurations
    11  type TCF2ConfigReader interface {
    12  	BasicEnforcementVendors() map[string]struct{}
    13  	FeatureOneEnforced() bool
    14  	FeatureOneVendorException(openrtb_ext.BidderName) bool
    15  	ChannelEnabled(config.ChannelType) bool
    16  	IsEnabled() bool
    17  	PurposeEnforced(consentconstants.Purpose) bool
    18  	PurposeEnforcementAlgo(consentconstants.Purpose) config.TCF2EnforcementAlgo
    19  	PurposeEnforcingVendors(consentconstants.Purpose) bool
    20  	PurposeVendorExceptions(consentconstants.Purpose) map[string]struct{}
    21  	PurposeOneTreatmentEnabled() bool
    22  	PurposeOneTreatmentAccessAllowed() bool
    23  }
    24  
    25  type TCF2ConfigBuilder func(hostConfig config.TCF2, accountConfig config.AccountGDPR) TCF2ConfigReader
    26  
    27  type tcf2Config struct {
    28  	HostConfig    config.TCF2
    29  	AccountConfig config.AccountGDPR
    30  }
    31  
    32  // NewTCF2Config creates an instance of tcf2Config which implements the TCF2ConfigReader interface
    33  func NewTCF2Config(hostConfig config.TCF2, accountConfig config.AccountGDPR) TCF2ConfigReader {
    34  	return &tcf2Config{
    35  		HostConfig:    hostConfig,
    36  		AccountConfig: accountConfig,
    37  	}
    38  }
    39  
    40  // IsEnabled indicates if TCF2 is enabled
    41  func (tc *tcf2Config) IsEnabled() bool {
    42  	return tc.HostConfig.Enabled
    43  }
    44  
    45  // ChannelEnabled checks if a given channel type is enabled at the account level. If it is not set at the
    46  // account level, the host TCF2 enabled flag is used to determine if the channel type is enabled.
    47  func (tc *tcf2Config) ChannelEnabled(channelType config.ChannelType) bool {
    48  	if accountEnabled := tc.AccountConfig.EnabledForChannelType(channelType); accountEnabled != nil {
    49  		return *accountEnabled
    50  	}
    51  	return tc.HostConfig.Enabled
    52  }
    53  
    54  // PurposeEnforced checks if full enforcement is turned on for a given purpose by first looking at the account
    55  // settings, and if not set there, defaulting to the host configuration. With full enforcement enabled, the
    56  // GDPR full enforcement algorithm will execute for that purpose determining legal basis; otherwise it's skipped.
    57  func (tc *tcf2Config) PurposeEnforced(purpose consentconstants.Purpose) bool {
    58  	if value, exists := tc.AccountConfig.PurposeEnforced(purpose); exists {
    59  		return value
    60  	}
    61  
    62  	value := tc.HostConfig.PurposeEnforced(purpose)
    63  	return value
    64  }
    65  
    66  // PurposeEnforcementAlgo checks the purpose enforcement algo for a given purpose by first
    67  // looking at the account settings, and if not set there, defaulting to the host configuration.
    68  func (tc *tcf2Config) PurposeEnforcementAlgo(purpose consentconstants.Purpose) config.TCF2EnforcementAlgo {
    69  	if value, exists := tc.AccountConfig.PurposeEnforcementAlgo(purpose); exists {
    70  		return value
    71  	}
    72  	return tc.HostConfig.PurposeEnforcementAlgo(purpose)
    73  }
    74  
    75  // PurposeEnforcingVendors checks if enforcing vendors is turned on for a given purpose by first looking at the
    76  // account settings, and if not set there, defaulting to the host configuration. With enforcing vendors enabled,
    77  // the GDPR full enforcement algorithm considers the GVL when determining legal basis; otherwise it's skipped.
    78  func (tc *tcf2Config) PurposeEnforcingVendors(purpose consentconstants.Purpose) bool {
    79  	if value, exists := tc.AccountConfig.PurposeEnforcingVendors(purpose); exists {
    80  		return value
    81  	}
    82  
    83  	value := tc.HostConfig.PurposeEnforcingVendors(purpose)
    84  	return value
    85  }
    86  
    87  // PurposeVendorExceptions returns the vendor exception map for the specified purpose if it exists for the account;
    88  // otherwise it returns a nil map. If a bidder/analytics adapter is a vendor exception, the GDPR full enforcement algorithm will
    89  // bypass the legal basis calculation assuming the request is valid and there isn't a "deny all" publisher restriction
    90  func (tc *tcf2Config) PurposeVendorExceptions(purpose consentconstants.Purpose) map[string]struct{} {
    91  	if value, exists := tc.AccountConfig.PurposeVendorExceptions(purpose); exists {
    92  		return value
    93  	}
    94  	return tc.HostConfig.PurposeVendorExceptions(purpose)
    95  }
    96  
    97  // FeatureOneEnforced checks if special feature one is enforced by first looking at the account settings, and if not
    98  // set there, defaulting to the host configuration. If it is enforced, PBS will determine whether geo information
    99  // may be passed through in the bid request.
   100  func (tc *tcf2Config) FeatureOneEnforced() bool {
   101  	if value, exists := tc.AccountConfig.FeatureOneEnforced(); exists {
   102  		return value
   103  	}
   104  	value := tc.HostConfig.FeatureOneEnforced()
   105  	return value
   106  }
   107  
   108  // FeatureOneVendorException checks if the specified bidder is considered a vendor exception for special feature one
   109  // by first looking at the account settings, and if not set there, defaulting to the host configuration. If a bidder
   110  // is a vendor exception, PBS will bypass the pass geo calculation passing the geo information in the bid request.
   111  func (tc *tcf2Config) FeatureOneVendorException(bidder openrtb_ext.BidderName) bool {
   112  	if value, exists := tc.AccountConfig.FeatureOneVendorException(bidder); exists {
   113  		return value
   114  	}
   115  	value := tc.HostConfig.FeatureOneVendorException(bidder)
   116  	return value
   117  }
   118  
   119  // PurposeOneTreatmentEnabled checks if purpose one treatment is enabled by first looking at the account settings, and
   120  // if not set there, defaulting to the host configuration.
   121  func (tc *tcf2Config) PurposeOneTreatmentEnabled() bool {
   122  	if value, exists := tc.AccountConfig.PurposeOneTreatmentEnabled(); exists {
   123  		return value
   124  	}
   125  	value := tc.HostConfig.PurposeOneTreatmentEnabled()
   126  	return value
   127  }
   128  
   129  // PurposeOneTreatmentAccessAllowed checks if purpose one treatment access is allowed by first looking at the account
   130  // settings, and if not set there, defaulting to the host configuration.
   131  func (tc *tcf2Config) PurposeOneTreatmentAccessAllowed() bool {
   132  	if value, exists := tc.AccountConfig.PurposeOneTreatmentAccessAllowed(); exists {
   133  		return value
   134  	}
   135  	value := tc.HostConfig.PurposeOneTreatmentAccessAllowed()
   136  	return value
   137  }
   138  
   139  // BasicEnforcementVendors returns the basic enforcement map if it exists for the account; otherwise it returns
   140  // an empty map. If a bidder is considered a basic enforcement vendor, the legal basis calculation for the bidder
   141  // only considers consent to the purpose, not the vendor. The idea is that the publisher trusts this vendor to
   142  // enforce the appropriate rules on their own. This only comes into play when enforceVendors is true as it lists
   143  // those vendors that are exempt for vendor enforcement.
   144  func (tc *tcf2Config) BasicEnforcementVendors() map[string]struct{} {
   145  	if tc.AccountConfig.BasicEnforcementVendorsMap != nil {
   146  		return tc.AccountConfig.BasicEnforcementVendorsMap
   147  	}
   148  	return make(map[string]struct{}, 0)
   149  }